openconnect: allow disable dtls with bool option no_dtls

openconnect may emit following error logs every minute when negotiating
with deployments forbidding usage of dtls

  Thu Aug 27 04:11:59 2020 daemon.notice openconnect[12024]: DTLS handshake failed: Error in the push function.
  Thu Aug 27 04:11:59 2020 daemon.notice openconnect[12024]: (Is a firewall preventing you from sending UDP packets?)

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>

diff --git a/net/openconnect/Makefile b/net/openconnect/Makefile
index 73bb315ed3644cd37aa21729bd3a434bdd79e142..36ec25f3fc0bb86fc77d2ee62d79e9fb1c643cf0 100644 (file)
--- a/net/openconnect/Makefile
+++ b/net/openconnect/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=openconnect
 PKG_VERSION:=8.10
-PKG_RELEASE:=1
+PKG_RELEASE:=2
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=ftp://ftp.infradead.org/pub/openconnect/

diff --git a/net/openconnect/files/openconnect.sh b/net/openconnect/files/openconnect.sh
index 97d90cb7270b9c43b5788240dcd94d92c00a2c88..aef13a3c33cbb6ddec759217c7070ed7776a711d 100755 (executable)
--- a/net/openconnect/files/openconnect.sh
+++ b/net/openconnect/files/openconnect.sh
@@ -15,6 +15,7 @@ proto_openconnect_init_config() {
        proto_config_add_int "port"
        proto_config_add_int "mtu"
        proto_config_add_int "juniper"
+       proto_config_add_boolean "no_dtls"
        proto_config_add_string "interface"
        proto_config_add_string "username"
        proto_config_add_string "serverhash"
@@ -46,6 +47,7 @@ proto_openconnect_setup() {
                interface \
                juniper \
                mtu \
+               no_dtls \
                os \
                password \
                password2 \
@@ -72,6 +74,7 @@ proto_openconnect_setup() {
        [ -n "$port" ] && port=":$port"
 
        append_args "$server$port" -i "$ifname" --non-inter --syslog --script /lib/netifd/vpnc-script
+       [ "$no_dtls" = 1 ] && append_args --no-dtls
        [ -n "$mtu" ] && append_args --mtu "$mtu"
 
        # migrate to standard config files